3Com 3CRUS2475 Plumbing Product User Manual


 
290 CHAPTER 19: SNMP COMMANDS
User Guidelines
To use SNMPv3, you have to specify an engine ID for the device. You can
specify your own ID or use a default string that is generated using the
MAC address of the device.
If the SNMPv3 engine ID is deleted or the configuration file is erased,
SNMPv3 cannot be used. By default, SNMPv1/v2 are enabled on the
device. SNMPv3 is enabled only by defining the Local Engine ID.
If you want to specify your own ID, you do not have to specify the entire
32-character engine ID if it contains trailing zeros. Specify only the
portion of the engine ID up to the point where just zeros remain in the
value. For example, to configure an engine ID of
123400000000000000000000, you can specify snmp-server engineID
local 1234.
Since the engine ID should be unique within an administrative domain,
the following is recommended:
For a standalone device, use the default keyword to configure the engine
ID.
Changing the value of the engine ID has the following important
side-effect. A user's password (entered on the command line) is
converted to an MD5 or SHA security digest. This digest is based on both
the password and the local engine ID. The user’s command line password
is then destroyed, as required by RFC 2274. As a result, the security
digests of SNMPv3 users become invalid if the local value of the engine ID
change, and the users will have to be reconfigured.
You cannot specify an engine ID that consists of all 0x0, all 0xF or
0x000000001.
The show running-config Privileged EXEC mode command does not
display the SNMP engine ID configuration. To see the SNMP engine ID
configuration, enter the snmp-server engineID local Global
Configuration mode command.
Example
The following example enables SNMPv3 on the device and sets the local
engine ID of the device to the default value.
Console(config) #
snmp-server engineID local default